AkzoNobel confirmed that a cyberattack breached the network of one of its United States locations, resulting in the exposure of around 170,000 files. According to TechRadar, a ransomware operator called Anubis posted that it stole 170 gigabytes of data, including user emails, phone numbers and technical data.

AkzoNobel acknowledged the attack in a statement to BleepingComputer.

“AkzoNobel has identified a security incident at one of our sites in the United States,” the company tells BleepingComputer. “The incident was limited to the respective site and was already contained. The impact is limited, and we are taking the appropriate steps to notify and support impacted parties and will work closely with relevant authorities.”

BleepingComputer reports that the published data contains email addresses, phone numbers, private email correspondence, passport scans, testing documents, internal technical specification sheets and confidential agreements with high-profile clients.

Anubis is a ransomware-as-a-service operation that launched in December 2024. It is known for its aggressive extortion tactics, including a “double extortion” model and a feature that can permanently destroy data, making recovery impossible even if the ransom is paid. TrendMicro states that Anubis has hit multiple sectors, including healthcare and construction, in Australia, Canada, Peru and the U.S.